This guide is an expansion on a PDF guide I created, to make it simpler to follow.
http://deadbot.net/dontgetpwned.pdf (The PDF file, read it)
Step 1: PDF files
Examples of what an attacker could do:
1) Using metasploit, add a hidden payload to the PDF, containing a Trojan virus.
2) You open the PDF, and your computer is infected without you even knowing.
NOTE: Antivirus software can only detect known viruses. If someone create a custom coded virus, and somehow gets it on your computer, no antivirus software will detect it.